Date: Fri, 11 Dec 2015 12:30:27 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-ports-bugs@FreeBSD.org Subject: [Bug 205246] security/gnupg: pinentry-tty dumps core because of missing privelege Message-ID: <bug-205246-13@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=205246 Bug ID: 205246 Summary: security/gnupg: pinentry-tty dumps core because of missing privelege Product: Ports & Packages Version: Latest Hardware: amd64 OS: Any Status: New Severity: Affects Some People Priority: --- Component: Individual Port(s) Assignee: kuriyama@FreeBSD.org Reporter: alexander.haderer@loescap.de Flags: maintainer-feedback?(kuriyama@FreeBSD.org) Assignee: kuriyama@FreeBSD.org Created attachment 164117 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=164117&action=edit truss of gpg-agent talking with pinentry Scenario: symmetric encryption of a file (asymmetric encryption not tested, probably affected, too) case A: When running as root: root@uhura:/tmp # gpg -c somefile Enter passphrase Passphrase: Please re-enter this passphrase Passphrase: root@uhura:/tmp # result is as expected: somefile.gpg is on disk as encrypted file case B: When running as user with non-root priveleges: % gpg -c somefile gpg: problem with the agent: End of file gpg: error creating passphrase: Operation cancelled gpg: symmetric encryption of 'somefile' failed: Operation cancelled % console/messages shows: kernel: pid 9717 (pinentry-tty), uid 2002: exited on signal 11 trussing the gpg-agent while talking with pinentry shows, that 1. pinentry starts up 2. they do some handshaking and parameter exchange 3. pinentry dies after receiving "GETPIN" see truss snippet attached with best regards -- You are receiving this mail because: You are the assignee for the bug.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-205246-13>